Lucene search
MitreCVE-2008-3901HistorySep 03, 2008 - 2:12 p.m.
CVE-2008-3901
2008-09-0314:12:00
CWE-200
mitre
web.nvd.nist.gov
24
cve-2008-3901
software suspend 2
linux kernel 2.6.16
pre-boot authentication
bios
information security
CVSS2
2.1
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:L/AC:L/Au:N/C:P/I:N/A:N
AI Score
5.9
Confidence
Low
EPSS
0
Percentile
5.1%
Software suspend 2 2-2.2.1, when used with the Linux kernel 2.6.16, stores pre-boot authentication passwords in the BIOS Keyboard buffer and does not clear this buffer after use, which allows local users to obtain sensitive information by reading the physical memory locations associated with this buffer.
Affected configurations
Node
linuxlinux_kernelMatch2.6.16
suspend2software_suspend_2Match2-2.2.1
| Vendor | Product | Version | CPE |
|---|---|---|---|
| linux | linux_kernel | 2.6.16 | cpe:2.3:o:linux:linux_kernel:2.6.16:*:*:*:*:*:*:* |
| suspend2 | software_suspend_2 | 2-2.2.1 | cpe:2.3:a:suspend2:software_suspend_2:2-2.2.1:*:*:*:*:*:*:* |
Related
nvd
nvd
CVE-2008-3901
2008-09-03 14:12:00
prion
prion
Design/Logic Flaw
2008-09-03 14:12:00
ubuntucve
ubuntucve
CVE-2008-3901
2008-09-03 00:00:00
cvelist
cvelist
CVE-2008-3901
2008-09-03 14:00:00
CVSS2
2.1
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:L/AC:L/Au:N/C:P/I:N/A:N
AI Score
5.9
Confidence
Low
EPSS
0
Percentile
5.1%
Related for CVE-2008-3901